add-gchat

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill connects an agent to Google Chat via an HTTP webhook and explicitly instructs wiring the channel so the bot will receive and process arbitrary user messages from Google Chat spaces (see SKILL.md "Credentials", "Verify Google Chat Channel", and "Channel Info"), exposing it to untrusted third-party user-generated content that could carry indirect prompt injections.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's install steps fetch and install remote code that will be executed by the agent (e.g., "git fetch origin channels" / "git show origin/channels:src/channels/gchat.ts" which pulls adapter source from the remote git origin, and "pnpm install @chat-adapter/gchat@4.26.0" which installs a remote npm package), so external content is fetched at install/runtime and can execute.